﻿<!-- #include file="Skin.asp" -->
<!-- #include file="Channel.asp" -->
<!--#include file="Upfile.asp"-->
<%
Tit="上传文件"
Is_Refur_True=false
If Cookies_Get(Cookies_For&"Admin") = "GongXiang_Admin" Then
	Login_UserName = Cookies_Get(Cookies_For&"AdminUsername")
End If
If Session_Get(Session_For&"AdminID") = "" Then
	Response.Write "登录失败"
	Response.End()
End If
Dim strSetting,strJs
Dim IsReName
Dim strFilePath,InceptType,InceptMaxSize,Today_num
Dim Upload,FormName,FilePath,ChildFilePath
Dim File,F_FileName,F_ViewName,F_Filesize,F_FileExt,F_Type
Dim Previewpath,DrawInfo,InceptMaxFile
Dim Dim_UpConfig,Up_Type,Up_Filters,Is_Upload
Up_Type=UploadSetting(3)
Up_Filters=UploadSetting(4)
ErrMsg="":FoundErr=False
IsReName=1

Call Upload_Head()

If Action="Up" Then
	Call Upfile_Main()
Else
	Call UpLoad_Main()
End If

If FoundErr=True Then
	Response.Write "<script type='text/javascript'>"
	Response.Write "parent.layer.alert('"&ErrMsg&"');"
	Response.Write "location.href=""Uploader.asp?Action=templatedb&src=imgVar_src&preview=imgVar_imgTag_preview"";"
	Response.Write "</script>"
End If

Call Upload_End()

Sub Upload_Head()
	Response.Write "<!DOCTYPE html>" & vbCrLf
	Response.Write "<head>" & vbCrLf
	Response.Write "<title>" & SiteName & " - " & Tit & "</title>" & vbCrLf
	Response.Write "<meta http-equiv='Content-Type' content='text/html; charset=utf-8'>" & vbCrLf
	Response.Write "<link rel=""stylesheet"" type=""text/css"" href=""../" & AdminFolder & "/fonts/font-awesome/css/font-awesome.min.css"" />" & vbCrLf
	Response.Write "<link href='../" & AdminFolder & "/Plugins/layui/css/layui.css' rel='stylesheet' type='text/css' />" & vbCrLf
	Response.Write "<link href='../" & AdminFolder & "/Style/global.css' rel='stylesheet' type='text/css' />" & vbCrLf
	Response.Write "<link href='../" & AdminFolder & "/Style/font.css' rel='stylesheet' type='text/css' />" & vbCrLf
	Response.Write "<script type='text/javascript' src='../" & AdminFolder & "/Js/Admin.js'></script>" & vbCrLf
	Response.Write "<link rel='stylesheet' type='text/css' href='../Dialog/default.css'>" & vbCrLf
	Response.Write "<script type='text/javascript' src='../Dialog/main.js'></script>" & vbCrLf
	Response.Write "<link rel='stylesheet' type='text/css' href='../Dialog/style/default.css'>" & vbCrLf
	Response.Write "<script type='text/javascript' src='../Dialog/lhgcore.min.js'></script>" & vbCrLf
	Response.Write "<script type='text/javascript' src='../Dialog/lhgcalendar.min.js'></script>" & vbCrLf
	Response.Write "<script type=""text/javascript"" src=""../" & AdminFolder & "/Plugins/layui/layui.js""></script>" & vbCrLf
	Response.Write "<script type='text/javascript'>" & vbCrLf
	Response.Write "if (top.location==self.location) {top.location=""../"";}" & vbCrLf
	Response.Write "//加载 layer 模块" & vbCrlf
	Response.Write "layui.use('layer', function(){" & vbCrlf
	Response.Write "	layer = layui.layer;" & vbCrlf
	Response.Write "});" & vbCrlf
	Response.Write "function upload_submit() {" & vbCrLf
	Response.Write "	if(document.frm_upload.myfile.value=="""") {" & vbCrLf
	Response.Write "		parent.layer.alert('请选择要上传的文件！');" & vbCrLf
	Response.Write "		return false;" & vbCrLf
	Response.Write "	}" & vbCrLf
	Response.Write "	FileType=document.frm_upload.FileName.value.substr(document.frm_upload.FileName.value.length-3)" & vbCrLf
	Response.Write "	if ("
	If Instr(Up_Type,"|") > 0 Then
		StrUpload=Split(Up_Type,"|")
		For i = 0 to Ubound(StrUpload)
			If i<>Ubound(StrUpload) Then
				Response.Write "FileType!=""" & StrUpload(i) & """ && "
			Else
				Response.Write "FileType!=""" & StrUpload(i) & """"
			End If
		Next
	Else
		Response.Write "FileType!=""" & StrUpload & """"
	End If
	Response.Write ") {" & vbCrLf
	Response.Write "		parent.layer.alert(""文件类型不正确，只允许上传类型为 " & Replace(Up_Type, "|", ",", 1, -1, 1) & " 的文件！"");" & vbCrLf
	Response.Write "		document.frm_upload.myfile.select();" & vbCrLf
	Response.Write "		document.frm_upload.FileName.select();" & vbCrLf
	Response.Write "		document.frm_upload.myfile.value="""";" & vbCrLf
	Response.Write "		document.frm_upload.FileName.value="""";" & vbCrLf
	Response.Write "		return false;" & vbCrLf
	Response.Write "	}" & vbCrLf
	Response.Write "	document.frm_upload.myfile.select();" & vbCrLf
	Response.Write "	document.frm_upload.myfile.value="""";" & vbCrLf
	Response.Write "}" & vbCrLf
	Response.Write "</script>" & vbCrLf
	Response.Write "</head>" & vbCrLf
	Response.Write "<body>" & vbCrLf
End Sub

Sub Upload_End()
    Response.Write "</body>" & vbCrLf
    Response.Write "</html>"
End Sub

Sub UpLoad_Main()
	Dim PostRanNum
	Randomize
	PostRanNum = Int(900 * Rnd) + 100
	Session("UploadCode") = Cstr(PostRanNum)
    Response.Write "  <form name=""frm_upload"" action=""Uploader.asp?Action=Up&src=imgVar_src&preview=imgVar_imgTag_preview"" method=""post"" enctype=""multipart/form-data"" onSubmit=""javascript:return upload_submit();"">" & vbCrLf
    Response.Write "    <input type=""hidden"" name=""UploadCode"" value=""" & PostRanNum & """>" & vbCrLf
    Response.Write "      <input type=""text"" class=""txt"" onchange=""FileName.value=this.value"" id=""myfile"" name=""myfile"" size=""26"" style=""display:none;"">&nbsp;<button type=""button"" class=""layui-btn uploader"" hidefocus=""true"">上传<input type=""file"" name=""FileName"" id=""FileName"" onchange=""myfile.value=this.value;$('#submit').trigger('click');""></button>&nbsp;<button type=""submit"" id=""submit"" class=""layui-btn"" hidefocus=""true"" style=""display:none;""></button>" & vbCrLf
    Response.Write "  </form>" & vbCrLf
End Sub

Sub Upfile_Main()
	'if Not Is_Login_True or Post_Chk Then
		'Response.Write IsSuccess("您未登录，或者从外部提交信息，操作已被禁止。","Include/Uploader.asp?Action=templatedb&src=imgVar_src&preview=imgVar_imgTag_preview")
		'Response.End()
	'end if
	strSetting=UploadSetting
	if strSetting(0)=999 Then
		Response.Write "<script type='text/javascript'>"
		Response.Write "parent.layer.alert('系统未开放文件上传功能。');"
		Response.Write "location.href=""Uploader.asp?Action=templatedb&src=imgVar_src&preview=imgVar_imgTag_preview"";"
		Response.Write "</script>"
		Response.End()
	end if
	strFilePath=UploadSetting(1)  '上传路径
	InceptMaxSize=UploadSetting(21)   '上传大小
	InceptType=UploadSetting(3)  '上传类型
	strFilePath=InstallDir & "Skin/Images/"
	FilePath=strFilePath
	If strSetting(9)=1 Then
		DrawInfo = strSetting(10)
	ElseIf strSetting(9)=2 Then
		DrawInfo = Replace(strSetting(15),"{$InstallDir}",InstallDir)
		'DrawInfo = strSetting(15)
	Else
		DrawInfo = ""
	End If
	If DrawInfo = "" or Get_ChannelSetup(ChannelSetup,11)=0 Then strSetting(9) = 0
	Server.ScriptTimeOut=999999				'要是上传的文件比较大，就必须设置。
	Set Upload = New UpFile_Cls
	Upload.UploadType			= strSetting(0)				'设置上传组件类型
	Upload.UploadPath			= FilePath					'设置上传路径
	Upload.InceptFileType		= Replace(InceptType,"|",",")'设置上传文件限制
	Upload.MaxSize				= InceptMaxSize			'单位 KB
	Upload.InceptMaxFile		= 10					'每次上传文件个数上限
	Upload.ChkSessionName		= "UploadCode"			'防止重复提交。
	Upload.IsReName     	    = IsReName				'是否重命名。
	Upload.PreviewType			= strSetting(5)	        '设置预览图片组件类型
	Upload.PreviewImageWidth	= strSetting(6)		    '设置预览图片宽度
	Upload.PreviewImageHeight	= strSetting(7)		    '设置预览图片高度
	Upload.DrawImageWidth		= strSetting(18)		'设置水印图片或文字区域宽度
	Upload.DrawImageHeight		= strSetting(19)		'设置水印图片或文字区域高度
	Upload.DrawGraph			= strSetting(16)		'设置水印透明度
	Upload.DrawFontColor		= "#"&strSetting(12)			'设置水印文字颜色
	Upload.DrawFontFamily		= strSetting(13)			'设置水印文字字体格式
	Upload.DrawFontSize			= strSetting(11)			'设置水印文字字体大小
	Upload.DrawFontBold			= strSetting(14)		'设置水印文字是否粗体
	Upload.DrawInfo				= DrawInfo				'设置水印文字信息或图片信息
	Upload.DrawType				= strSetting(9)			'0=不加载水印 ，1=加载水印文字，2=加载水印图片
	Upload.DrawXYType			= strSetting(20)		'"0" =左上，"1"=左下,"2"=居中,"3"=右上,"4"=右下
	Upload.DrawSizeType			= strSetting(8)		    '"0"=固定缩小，"1"=等比例缩小
	If strSetting(17)<>"" Then
		Upload.TransitionColor	= "#"&strSetting(17)		'透明度颜色设置
	End If
	If Upload.ErrCodes<>0 Then
		FoundErr=True
		ErrMsg="系统发现以下错误：\n\n"& Upload.Description
		Exit Sub
	Else
		Upload.SaveUpFile
		If Upload.ErrCodes<>0 Then
			FoundErr=True
			ErrMsg="系统发现以下错误：\n\n"& Upload.Description
			Exit Sub
		End If
	End IF
	If Upload.Count > 0 Then
		For Each FormName In Upload.UploadFiles
			Set File = Upload.UploadFiles(FormName)
			F_FileName = FilePath & File.FileName
			call tmp_upload(f_filename)
			'创建预览及水印图片
			If Upload.PreviewType<>999 and File.FileType=1 Then
				'创建预览图片:Call CreateView(原始文件的路径,预览文件名及路径,原文件后缀)
				Upload.CreateView F_FileName,F_Viewname,File.FileExt
			End If
			
			Dim strFileSize,strFileName
			
			strFileSize=CStr(Round(File.FileSize / 1024))
			strFileName=File.OldFileName
			Response.Write "<script type='text/javascript'>"
			Response.Write "parent.document.getElementById("""&Code_Query("src")&""").value='"&F_FileName&"';"
			Response.Write "parent.document.getElementById("""&Code_Query("preview")&""").src='"&F_FileName&"';"
			Response.Write "location.href=""Uploader.asp?Action=templatedb&src=imgVar_src&preview=imgVar_imgTag_preview"";"
			Response.Write "</script>"
			Set File = Nothing
		Next
	Else
		FoundErr=True
		ErrMsg="请正确选择要上传的文件。"
		Exit Sub
	End If
	Set Upload = Nothing
End Sub

'上传附件非法代码过滤
Sub tmp_upload(upname)
	On Error Resume Next
	Dim objFSO,objTS,strText,strArray,ii
	Set objFSO=Server.CreateObject(Fso_Sys)
	Set objTS=objFSO.OpenTextFile(Server.MapPath(upname),1) '以文本文件方式读取文件
	strText=LCase(objTS.ReadAll) '全文读取，并转换为小写
	objTS.Close
	strArray=split(Up_Filters,"|")
	for ii=0 to ubound(strArray)
		if instr(strText,strArray(ii))<>0 Then
			is_upload=false
			Response.Write IsSuccess("上传失败：非法文件内容！","Include/Uploader.asp?Action=templatedb&src=imgVar_src&preview=imgVar_imgTag_preview")
			objFSO.DeleteFile Server.MapPath(upname),True '删除文件
		end if
		if is_upload=true Then exit sub
	next
	Set objFSO=nothing
End Sub
%>